排序
CVE-2025-49113: Roundcube Webmail – Remote Code Execution
漏洞标题 CVE-2025-49113: Roundcube Webmail - Remote Code Execution 漏洞描述 Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated us...
2025年3月30日 21:16CVE-2025-27007: OttoKit < 1.0.83 - SureTriggers allows Privilege Escalation
漏洞标题 CVE-2025-27007: OttoKit < 1.0.83 - SureTriggers allows Privilege Escalation 漏洞描述 Incorrect Privilege Assignment vulnerability in Brainstorm Force SureTriggers allow...
2025年12月16日 13:30CVE-2025-4322: Motors <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account Takeover
漏洞标题 CVE-2025-4322: Motors <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account Takeover 漏洞描述 The Motors theme for WordPress is vulnerable to pri...
2025年10月5日 05:23CVE-2025-8191: Swagger UI >=3.14.1 < 3.38.0 - DOM Based Cross-Site Scripting
漏洞标题 CVE-2025-8191: Swagger UI >=3.14.1 < 3.38.0 - DOM Based Cross-Site Scripting 漏洞描述 Swagger UI versions 3.14.1 through 3.37.x are vulnerable to DOM-based Cross-Sit...
2025年10月4日 02:38CVE-2025-53624: Docusaurus Gists Plugin < 4.0.0 - GitHub Personal Access Token Exposure
漏洞标题 CVE-2025-53624: Docusaurus Gists Plugin < 4.0.0 - GitHub Personal Access Token Exposure 漏洞描述 The Docusaurus gists plugin adds a page to your Docusaurus instance, di...
2025年5月13日 14:03(CVE-2025-48828) vBulletin模板条件处理任意PHP代码执行漏洞
漏洞标题 (CVE-2025-48828) vBulletin模板条件处理任意PHP代码执行漏洞 漏洞描述 (CVE-2025-48828) vBulletin模板条件处理任意PHP代码执行漏洞 PoC代码 暂无
2025年9月28日 13:32CVE-2025-31324: SAP NetWeaver Visual Composer Metadata Uploader – Deserialization
漏洞标题 CVE-2025-31324: SAP NetWeaver Visual Composer Metadata Uploader - Deserialization 漏洞描述 SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper a...
2025年9月17日 18:02CVE-2025-13486: Advanced Custom Fields Extended < 0.9.2 - Remote Code Execution
漏洞标题 CVE-2025-13486: Advanced Custom Fields Extended < 0.9.2 - Remote Code Execution 漏洞描述 Advanced Custom Fields: Extended WordPress plugin 0.9.0.5 through 0.9.1.1 conta...
2025年1月30日 18:43CVE-2025-56266: Avigilon ACM – Host Header Injection
漏洞标题 CVE-2025-56266: Avigilon ACM - Host Header Injection 漏洞描述 A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code v...
2025年2月22日 12:29CVE-2025-34026: Versa Concerto Actuator Endpoint – Authentication Bypass
漏洞标题 CVE-2025-34026: Versa Concerto Actuator Endpoint - Authentication Bypass 漏洞描述 An authentication bypass vulnerability affected the Spring Boot Actuator endpoints in Ver...
2025年5月27日 15:35CVE-2025-60188: Atarim < 4.2.2 - Sensitive Information Exposure
漏洞标题 CVE-2025-60188: Atarim < 4.2.2 - Sensitive Information Exposure 漏洞描述 Vito Peleg Atarim <= 4.2 contains an insertion of sensitive information into sent data vulne...
2025年10月14日 08:59CVE-2025-60188: Atarim < 4.2.2 - Sensitive Information Exposure
漏洞标题 CVE-2025-60188: Atarim < 4.2.2 - Sensitive Information Exposure 漏洞描述 Vito Peleg Atarim <= 4.2 contains an insertion of sensitive information into sent data vulne...
2025年5月19日 22:18CVE-2025-56819: Datart v1.0.0-rc.3 – Remote Code Execution
漏洞标题 CVE-2025-56819: Datart v1.0.0-rc.3 - Remote Code Execution 漏洞描述 Datart v1.0.0-rc.3 contains a vulnerability that allows remote attackers to execute arbitrary code via ...
2025年10月13日 03:11(CVE-2025-6216) Allegra密码恢复认证绕过漏洞
漏洞标题 (CVE-2025-6216) Allegra密码恢复认证绕过漏洞 漏洞描述 (CVE-2025-6216) Allegra密码恢复认证绕过漏洞 PoC代码 暂无
2025年10月12日 18:02CVE-2025-44136: MapTiler Tileserver-php v2.0 – Unauthenticated XSS
漏洞标题 CVE-2025-44136: MapTiler Tileserver-php v2.0 - Unauthenticated XSS 漏洞描述 MapTiler Tileserver-php v2.0 contains a reflected XSS caused by unencoded reflection of the GET...
2025年4月17日 10:35CVE-2025-2748: Kentico Xperience CMS – Unauthenticated Stored XSS
漏洞标题 CVE-2025-2748: Kentico Xperience CMS - Unauthenticated Stored XSS 漏洞描述 The Kentico Xperience application does not fully validate or filter files uploaded via the multi...
2025年2月19日 22:29
